<?php
    define('CONFIG_FILE',true);
    include '../config.php';
    
    define('DB_FILE',true);
    require_once '../Tool/DB/SqlDBManager.class.php';
    require_once '../Tool/Common/PrepareInput.php';

    session_start();

    // Access gate: requests without a logged-in session, and sessions whose
    // role is "Therapy Assistant", are sent to the index page and the script stops.
    // $url is set before including Redirect.php; that file is not visible here,
    // presumably it reads $url to perform the redirect.
    // NOTE(review): this is a deny-list. Every role other than "Therapy Assistant"
    // is allowed through, including any role added later. An explicit allow-list of
    // roles permitted to create users would fail closed. Confirm the intended roles.
    $noRoleInSession = empty($_SESSION["userType"]);
    if ($noRoleInSession || $_SESSION["userType"] == "Therapy Assistant") {
        $url = "../Index.php";
        include_once '../Tool/Common/Redirect.php';
        exit();
    }

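    // Collect the form fields to validate. Each field defaults to "" when the
    // parameter is missing.
    //
    // Only string values are accepted: a parameter sent as an array
    // (e.g. InsertUsername[]=x) would otherwise reach prepareInput() and the
    // string/regex functions further down, which expect strings. Such a value is
    // treated as missing, so every check for that field reports failure.
    //
    // NOTE(review): $_REQUEST merges query-string and body parameters (and cookies,
    // depending on request_order). If a caller sends InsertPassword via GET, the
    // password can end up in access logs and browser history. Reading from $_POST
    // would be safer, but the callers are not visible here, so the source is unchanged.
    $readField = function ($key) {
        if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key])) {
            return "";
        }
        return prepareInput($_REQUEST[$key]);
    };

    $InsertUsername  = $readField('InsertUsername');
    $InsertPassword  = $readField('InsertPassword');
    $InsertContactNo = $readField('InsertContactNo');
    $InsertStaffName = $readField('InsertStaffName');
    $InsertUserType  = $readField('InsertUserType');
    $InsertCentreId  = $readField('InsertCentreId');
    $InsertEmail     = $readField('InsertEmail');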

    // Validation outcome returned to the caller as JSON. For the format and
    // password flags, 1 means the check passed and 0 means it failed, so they
    // start at 0. The two "Exist" flags start at 1 and are set to 0 further down
    // when the submitted username or email is already present in the User table.
    // Key order is kept as-is because it determines the order in the JSON output.
    $result = array(
        'flagUserName'           => 0,
        'flagUserNameExist'      => 1,
        'flagPasswordLength'     => 0,
        'flagPasswordMatch'      => 0,
        'flagPasswordContain'    => 0,
        'flagPasswordLowercase'  => 0,
        'flagPasswordUppercase'  => 0,
        'flagPasswordNumber'     => 0,
        'flagPasswordWhitespace' => 0,
        'flagStaffName'          => 0,
        'flagContactNo'          => 0,
        'flagUserType'           => 0,
        'flagCentreId'           => 0,
        'flagEmailFormat'        => 0,
        'flagEmailExist'         => 1,
    );

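    // Username format: letters, digits and spaces only, and not empty.
    // The pattern ends with \z rather than $, because $ also matches just before
    // a trailing newline and would let "name\n" through as valid.
    if(preg_match('/^[0-9A-Za-z ]*\z/',$InsertUsername)&&!empty($InsertUsername)){
        $result['flagUserName']=1;
    }

    //Check username exist or not
    // flagUserNameExist is 1 when the name is NOT taken and 0 when it is.
    // The comparison is strict: with == two different numeric-looking names such
    // as "1000" and "1e3" compare equal and a free name is reported as taken.
    // NOTE(review): this loads every username on each request. A lookup with a
    // bound parameter (WHERE Username = ?) would avoid that, but SqlDBManager's
    // API beyond queryRows() is not visible here.
    // NOTE(review): the match is case-sensitive; confirm this agrees with the
    // uniqueness rule the database enforces on User.Username.
    $sqlDBManager = new SqlDBManager();
    $sql="Select Username FROM User";
    $res=$sqlDBManager->queryRows($sql);
    $result['flagUserNameExist']=1;
    if(!empty($res)){
        foreach($res as $row){
            if((string)$row['Username']===$InsertUsername){
                $result['flagUserNameExist']=0;
                break;
            }
        }
    }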

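    //Validate password
    // NOTE(review): $InsertPassword has already passed through prepareInput(),
    // which is not visible here. If it trims or encodes characters, these rules are
    // checked against the transformed value; confirm the same value is what gets
    // hashed and stored, otherwise the policy and the stored credential can diverge.

    // Minimum length of 8 (strlen counts bytes, not characters).
    if(strlen($InsertPassword)>=8){
        $result['flagPasswordLength']=1;
    }
    // Check for username match
    // Strict comparison: with != numeric-looking strings such as "00000000" and
    // "0" are treated as equal, which reports a false match.
    if ($InsertPassword !== $InsertUsername) {
        $result['flagPasswordMatch']=1;
    }
    // Check for containing username
    // Case-insensitive, so "Alice2024" is rejected for the user "alice".
    // An empty username cannot be contained in anything; handling it explicitly
    // also avoids strpos()/stripos() behaving differently across PHP versions
    // when given an empty needle.
    if($InsertUsername===""||stripos($InsertPassword, $InsertUsername)===false) {
        $result['flagPasswordContain']=1;
    }
    // Check for lowercase
    if(preg_match('/[a-z]/', $InsertPassword)){
        $result['flagPasswordLowercase']=1;
    }
    // Check for uppercase
    if(preg_match('/[A-Z]/', $InsertPassword)){
        $result['flagPasswordUppercase']=1;
    }
    // Check for numbers
    if(preg_match('/[0-9]/', $InsertPassword)){
        $result['flagPasswordNumber']=1;
    }
    // Check for whitespace (the flag is 1 when the password contains none)
    if(!preg_match('/[\s]/', $InsertPassword)){
        $result['flagPasswordWhitespace']=1;
    }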

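    // Format checks for the remaining fields. Every pattern ends with \z rather
    // than $, because $ also matches just before a trailing newline and would
    // accept values such as "91234567\n".

    // Staff name: letters, hyphen, dot and space; not empty.
    if(preg_match('/^[A-Za-z\-. ]*\z/',$InsertStaffName)&&!empty($InsertStaffName)){
        $result['flagStaffName']=1;
    }
    // Contact number: exactly 8 digits, the first being 6, 8 or 9.
    if(preg_match('/^[689][0-9]{7}\z/',$InsertContactNo)&&!empty($InsertContactNo)){
        $result['flagContactNo']=1;
    }
    // User type: letters and spaces; not empty.
    // NOTE(review): this checks the character set only. The code that actually
    // creates the account (not visible here) should compare the value against the
    // fixed list of roles and verify the current session may grant that role.
    if(preg_match('/^[A-Za-z ]*\z/',$InsertUserType)&&!empty($InsertUserType)){
        $result['flagUserType']=1;
    }
    // Centre id: digits only; not empty (empty() also rejects the value "0").
    if(preg_match('/^[0-9]*\z/',$InsertCentreId)&&!empty($InsertCentreId)){
        $result['flagCentreId']=1;
    }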

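    //Validate Email Format
    // The previous pattern had no ^...$ anchors, so any string that merely
    // contained something shaped like an address (for example "<b>x@y.z</b> extra")
    // was reported as a valid email. filter_var() validates the whole value.
    if(!empty($InsertEmail)&&is_string($InsertEmail)&&filter_var($InsertEmail,FILTER_VALIDATE_EMAIL)!==false){
        $result['flagEmailFormat']=1;
    }

    //Validate Email exist or not
    // flagEmailExist is 1 when the address is NOT registered yet and 0 when it is.
    // Strict comparison avoids PHP's loose == rules treating different
    // numeric-looking strings as equal.
    // NOTE(review): the match is case-sensitive; confirm this agrees with the
    // uniqueness rule the database enforces on User.Email.
    $sql="Select Email FROM User";
    $res=$sqlDBManager->queryRows($sql);
    $result['flagEmailExist']=1;
    if(!empty($res)){
        foreach($res as $row){
            if((string)$row['Email']===$InsertEmail){
                $result['flagEmailExist']=0;
                break;
            }
        }
    }

    // The response tells the caller whether a username or email is registered.
    // That disclosure is limited by the session check at the top of this script;
    // this endpoint should not be reachable without it.
    // These flags are advisory for the form. The code that inserts the user must
    // repeat the checks server-side, since a client can skip this request.
    echo json_encode($result);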
?>